Canvas LMS SAML Single Sign-On (SSO) Integration with Drupal as IdP

Overview

This guide will help you integrate Drupal as a SAML 2.0 Identity Provider (IdP) and Canvas LMS as a Service Provider (SP) using the miniOrange SAML IDP module. This integration enables centralized user management and permission control, allowing users to access multiple applications with a single set of credentials. The module is compatible with Drupal 7, Drupal 8, Drupal 9, Drupal 10, and Drupal 11.

Download Schedule a Meeting

Installation Steps

Configuration Steps

Drupal SAML IdP Metadata:

• After installing the module on your Drupal site, in the Administration menu → navigate to Configuration → People → miniOrange SAML IDP Configuration. (/admin/config/people/miniorange_saml_idp/idp_setup)

• Navigate to the IDP Metadata tab. Copy the Entity ID/Issuer, SAML Login URL, and X.509 Certificate. Keep it handy. (This is required in order to set up Canvas LMS as a SAML SP)


Configure Canvas LMS as Service Provider:

• Login to your Canvas LMS domain as an Account Administrator.
• Switch to Admin View.

• Go to Courses and under Managed Accounts, click on your domain name.

• Click on Authentication in the left pane and select SAML from the Choose an authentication service drop down list.

• Under Current Integration, click on Add New SAML Config and enter the details as shown:


IdP Entity ID	Copy IDP Entity ID / Issuer from IDP Metadata tab in Drupal SAML IDP module and paste it.
Log On URL	Copy SAML Login URL from IDP Metadata tab in Drupal SAML IDP module and paste it.
Log Out URL	Copy SAML Logout URI from IDP Metadata tab in Drupal SAML IDP module and paste it.
Certificate Fingerprint	Follow the steps below to copy the Thumbprint of certificate: 1. Open the certificate that was downloaded earlier. 2. Go to Details and in the field column select Thumbprint. 3. Copy the Thumbprint that opens in the pane by pressing CTRL+C (Right-Click won’t work!). 4. Paste the Thumbprint in the Certificate Fingerprint. Make sure that there are no spaces in between the Certificate Fingerprint. Remove them manually.
Login Attribute	NameID
Identifier Format	urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
Authentication Context	urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
Login Label	Username
Unknown User Url	Leave blank.

Configuring Drupal as SAML Identity Provider (IdP):

• Go to the Drupal site. Navigate to the Service Provider Setup tab of the miniOrange SAML IDP module. (/admin/config/people/miniorange_saml_idp/sp_setup)
• Click on the Upload SP Metadata.

• Upload the metadata file downloaded from the Canvas LMS.

• Click on the Test button to test the SSO.


You have successfully configured the SAML SSO between Canvas LMS as SAML SP and Drupal as SAML IDP.

Related Articles

Explore the advanced features offered by the module with full-featured trial. You can initiate the trial request using Request 7-day trial button of the module or reach out to us at drupalsupport@xecurify.com for one-on-one assistance from Drupal expert.

• Setup Multiple Applications (Service Provider) with Drupal
• Share additional User Attribute/Roles to the Service Provider
• Dynamic Relay State (The URL to which users are redirected after successful authentication)
• IDP initiated SSO



24/7 Support

The Drupal developers at miniOrange offer quick and active support for your queries. We can assist you from choosing the best solution for your use case to deploying and maintaining the solution.

 Contact us



Case Studies

miniOrange has successfully catered to the use cases of 400+ trusted customers with its highly flexible/customizable Drupal solutions.

 Read more



Other Solutions

Feel free to explore other Drupal solutions that we offer the popular solutions used by our trusted customers include 2FA, User Provisioning, Website Security.

 Know More